|
|
|
Membership Referenda
Any Cyberspace Communications member can propose a referendum for vote by the
membership. The results of such votes are binding on the board and can only
be overturned by another member referendum.
Restriction of Outgoing Net Access - Passed August 17, 1994
The following internet services enrich the Grex community, do not use much
bandwidth, and do not provide much potential for internet mischief; therefore
they should be made available to all:
Finger
Whois
Ping
Mail (incoming and outgoing)
Incoming Usenet News
Incoming Telnet
Incoming FTP
Incoming Lynx
Talk (and it's various permutations)
Archie
Veronica
WAIS
Gopher (with all Telnet capabilities disabled)
The following services will be restricted to VERIFIED GREX MEMBERS and
VERIFIED GREX USERS (however the board shall define that term) because of the
potential for world-wide mischief:
Outgoing Usenet News
The following services will be restricted to VERIFIED GREX MEMBERS in good
standing, because these services utilize a lot of bandwidth, offer less of
a benefit to the Grex community as a whole, and/or hold the potential for
system cracking and other undesirable activities:
Outgoing FTP
Outgoing Telnet
Outgoing Lynx
Gopher (with telnet capability enabled.)
IRC
Being that the major objection to open access for the above services is the
lack of available bandwidth on Grex's internet link, It is understood that
any of these services may be made available to all VERIFIED USERS as well as
VERIFIED MEMBERS as soon as Grex acquires a link of suitable power and
robustness.
In order to maintain the integrity of both Grex, and of the Internet as a
whole, the Grex board shall have the power to restrict or deny internet access
to groups or individuals who pose a security risk, or who engage in
inappropriate behavior (as defined by the Grex board).
The board may also make modifications to this proposal without resorting to
a member vote in the case of an emergency situation, or if some provision of
this proposal proves to be technically impossible to implement.
22 responses total.
Membership Referenda Any Cyberspace Communications member can propose a referendum for vote by the membership. The results of such votes are binding on the board and can only be overturned by another member referendum. ---------------------------------------------- The Restriction of Outgoing Net Access posted in this item is in need of revision. Essentially, the board has been discussing the idea that Verified Grex Users be allowed the same access to FTP, telnet, Lynx, gopher, and IRC that Verified Grex Members currently enjoy. In the past 13 years, many of the hardware limits that existed when this was passed have become irrelevant. In fact, explicity included in this policy is the statement: "Being that the major objection to open access for the above services is the lack of available bandwidth on Grex's internet link, It is understood that any of these services may be made available to all VERIFIED USERS as well as VERIFIED MEMBERS as soon as Grex acquires a link of suitable power and robustness." The board is now discussing making those services available to Verified Users as soon as possible. Before I post a new referendum, I'd like to hear what people think. In two weeks, I'll see if we have a consensus, and draft a proposal.
I think we could simplify the language by saying that all members are required to be verified users and simply drop the verbage about members entirely. In particular, the requirements for becoming a member are a superset for becoming a verified user, which implies that verified users form a superset of members, so we're not losing anything.
What is outgoing lynx? Do you mean the ability to host a website?
No, the ability to run a web browser.
If using a browser is potentially dangerous, should you also block wget? Outgoing kermit?
Yes.
Sindi - it is not Lynx itself that is dangerous. In order to allow people to use Lynx we have to flip a switch that allows them to send packets off of Grex using the http protocol. Unfortunately that access can be used by certain cracking software to cause problems on other systems.
Colleen - I'm wondering what the basis is for the header on this item, which says that a membership vote can't be overridden by a board vote. I'd always heard that the two were of equivalent weight. Not that I think it's a good idea for the board to trump the membership, but I always thought that it was possible if it became necessary.
I assumed it was the file downloads you were concerned about. Lynx sends requests for packets? As does wget, I presume.
Yes, they all do.
Re 8: I cut and pasted that from the Grex Governance web page. However, in reading the Articles, and the Bylaws, and all referenda, I cannot find it stated anywhere. I agree with you that it's not good for the board to trump the membership, and that the board needs to have the ability to take action without the prior approval of the membership. We should ask remmers to track down that citation.
Why me? :) To the best of my recollection, there's no formal specification about how member proposals and board actions interact. My personal *belief* is that a member vote shouldn't be overruled by the board except under very unusual circumstances (e.g. the policy voted on would be illegal, or an emergency situation has arisen), but I'd be at a loss to say where that's codified in black and white. The board can certainly take action without prior formal approval of the membership, and has done so many times. For matters of substance that affect users, the practice and expectation is that input from the users (not just members) in Coop should be solicited beforehand.
I assumed you had written the governance web page. If that wasn't you, can we hear from the person who did?
It wasn't me.
The authorship of many of the web pages is lost in the fog of history. I think Carl Miller wrote many of the original versions before I got really active on Grex. Valerie, Steve Weiss and I did substantial editing. Probably many other people did too.
Wow... archie and veronica were mentioned. I didn't think anyone used those anymore.
How 'come Jughead never got the internet fame he deserved?
"Being that the major objection to open access for the above services is the lack of available bandwidth on Grex's internet link, It is understood that any of these services may be made available to all VERIFIED USERS as well as VERIFIED MEMBERS as soon as Grex acquires a link of suitable power and robustness." Within the wording of the policy, a provision was made to consolidate users and members. I believe the board can do that without further ado. I would like to simply vote on moving certain actions from one list to the other. I need help in making sure the right actions are restricted. Would someone please consolidate the lists for me? For example, my understanding is that "ping" was blocked some years ago.
The question is which of the actions can be moved to a third list, which is an intermediate level between user and validated user. The board has proposed a "social validation" method, but we need a list of actions that are "relatively safe". Currently under discussion is outgoing email. What other "relatively safe" actions should be on that list? Before I write the final version of this, we need to come to consensus about those three lists.
From the April Board minutes: "Social validation" here means the user wanting to be promoted sends email to a group of grex users who would then grant the access. The validators might ask a question like "how did you hear about Grex" and wait for a reply. They would not be asking for ID, just a social handshake. This is probably enough to discourage most spammers and hackers. Other variations of social validation might include members vouching for some new user. The exact rules will need to evolve based on experience. Probably there should be some kind of limit on the maximum number of emails that can be sent per day even from validated account, as suggested in a previous board vote. ---------------- This is the "social validation" method that the board discussed. A group of semi-staff members would use simple scripts that would add the user to the intermediate level of internet access.
I'm assuming from the lack of activity in this item that folks are comfortable letting the board make these decisions. Sunday night there is a board meeting, so let's hear what you have to say, if you've got a particular point to make.
Just wanted to mention I think the social validation sounds best. It seems the most appropriate solution with what I've come to know from Grex. Other locations seem to be pay for service, I would rather see grex adopt a system using community standing, tenure, and general track record of the user. thx.
Response not possible - You must register and login before posting.
|
|
|
- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss